Analysis of lattice reduction attack against the somewhat homomorphic encryption based on ideal lattices

Abstract

In 2009, Gentry first proposed a concrete method for constructing a fully homomorphic encryption (FHE) scheme, which supports arbitrary operations on encrypted data. The construction of the FHE scheme starts from a somewhat homomorphic encryption (SHE) scheme, which only supports limited operations but can be much faster than the FHE scheme. The Gentry's scheme is based on ideal lattices, and Chen and Nguyen estimated that it needs at least 10,000 lattice dimension to make the FHE scheme secure. In contrast, the security of the SHE scheme can be guaranteed for lower lattice dimensions, depending on the possible operations which are determined by key parameters. The aim of this paper is to classify which key parameters are feasible to be solved. We attack the lattice problem of lower dimensions by practical lattice reduction algorithms, and estimate the key parameters which can be solved in practice. © Springer-Verlag Berlin Heidelberg 2013.